JP2003248629A - Removable disc device having identification information - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To prevent unauthorized use of contents on which rights are set. <P>SOLUTION: An application 33 for regenerating contents, acquires drive ID (DID) from a hard disc (HDD) 31, and transmits the DID to a distribution server 35 through a communication network 34. The distribution server 35 certifies HDD 31 from the received DID, and distributes the contents. The application 33 reads and regenerates the contents from the HDD 31. <P>COPYRIGHT: (C)2003,JPO

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a removable disk device having a disk for storing data and a mechanism for reading and writing data in the disk, and an information processing apparatus to which such a disk device is connected.

[0002]

2. Description of the Related Art HD
Since the D (Hard Disk Drive) can be easily duplicated when separated from the information processing device, the right holder of the software content whose right is set such as video and music prohibits the removable HDD as the installation destination. Therefore, such software contents are usually installed only in the non-detachable HDD incorporated in the information processing apparatus.

As described above, in the conventional HDD, when the HDD and the information processing device are separated, the mechanism for managing the contents does not work. Therefore, it is difficult to use the removable HDD as a medium for distributing a large amount of copyrighted digital information.

An object of the present invention is to provide a removable disk device and an information processing device that prevent unauthorized use of content for which rights have been set.

[0005]

FIG. 1 is a principle view of a removable disk device of the present invention. In the first aspect of the present invention, the removable disk device is used by being connected to an information processing device that receives data from a distribution server, and includes a disk medium unit 11, a read unit 12, an interface unit 13, and a write unit 14. .

Non-rewritable identification information is recorded in the disk medium means 11, and the reading means 12 reads the identification information from the disk medium means 11 in response to a request from the information processing device. The interface unit 13 sends the identification information to the information processing device, and receives from the information processing device the data received from the distribution server by the information processing device using the identification information. Then, the write means 14 writes the data in the disk medium means 11.

The identification information recorded on the disk medium means 11 cannot be rewritten by the user, and in order to receive data from the distribution server, the identification information must be used to request the distribution server for data. . Therefore, the data is not distributed to other removable disk devices that do not have the correct identification information, and unauthorized download is prevented.

In this case, the disk medium means 11 corresponds to, for example, the medium 37 shown in FIG.
The write means 14 is, for example, H of FIG.
The interface means 13 corresponds to the EAD 173, and corresponds to, for example, the I / F 165 in FIG. 13. Further, the non-rewritable identification information corresponds to, for example, the drive ID 46 of FIG. 5 described later.

In the second aspect of the present invention, the removable disk device is used by being connected to an information processing device for reproducing data, and comprises a disk medium means 11, an interface means 13, and a writing means 14.

Non-rewritable identification information is recorded in the disk medium means 11, and the write means 14 writes the data encrypted in the disk medium means 11 in such a manner that it can be decrypted using the identification information. . Then, the interface unit 13 sends the identification information and the encrypted data to the information processing device.

The identification information recorded on the disk medium means 11 cannot be rewritten by the user and must be decrypted using the identification information in order to reproduce the encrypted data. Therefore, even if the encrypted data is copied to another removable disk device that does not have the correct identification information, the data cannot be reproduced by the disk device, and the unauthorized use of the data is prevented.

In this case, the method that can be decrypted using the identification information corresponds to, for example, the content encryption method shown in FIG. 7 described later. In the third aspect of the present invention, the removable disk device is used by being connected to an information processing device, and is used as a disk medium unit 11 and a registration unit 1.
5, the authentication means 16 and the access means 17 are provided.

The registration means 15 registers the user identification information and the encryption key in association with each other. The authentication unit 16 exchanges the authentication information with the information processing apparatus by using the encryption key corresponding to the user identification information received from the information processing apparatus, thereby checking whether or not the information processing apparatus has the encryption key. If the information processing device has an encryption key, the information processing device is authenticated. Then, the access means 17 accesses the disk medium means 11 in response to a request from the information processing device after the information processing device is authenticated.

The registration unit 15 registers a different encryption key for each user, and when a user tries to access the disk medium unit 11, the authentication unit 16 receives the user identification information of the user from the information processing apparatus. receive. The authentication means 16 authenticates the information processing device using the encryption key corresponding to the user identification information, and authenticates the information processing device having the same encryption key as a reliable device. Then, the access means 17 receives an access request from the authenticated information processing device.

With such a configuration, the user cannot access the removable disk device unless the encryption keys of the user registered in both the removable disk device and the information processing device match. Therefore, even if an attempt is made to use another information processing apparatus that does not have such an encryption key, the access is prohibited. Therefore, the combination of the removable disk device and the information processing device can be limited, and the unauthorized use of data using another information processing device can be prevented.

In this case, the registration means 15 corresponds to, for example, USR187 of FIG. 14 described later, and the authentication means 16
For example, the access means 17 corresponds to the AUT 188 of FIG. 14 or the modules 263 and 264 of FIG. 26 described later.
Corresponds to the HEAD 173 of FIG. 13, for example.

The encryption key corresponding to the user identification information corresponds to, for example, the HWKs 101 and 103 in FIG. 9 described later, and the authentication information exchanged is, for example, E in FIG.
_HWK (R1), E _HWK (R2), E _HWK (R1 xor
HFP), and E _HWK (R2xor HFP).

In the fourth aspect of the present invention, the removable disk device is used by being connected to an information processing device for reproducing data, the disk medium means 11, the interface means 13, the writing means 14, the clock means 18, and the comparison means. Means 19 are provided.

The write means 14 stores the encrypted data and information indicating the expiration date of the data in the disk medium means 1.
Write to 1. The clock means 18 outputs the current time, and the comparing means 19 compares the current time with the expiration date. Then, the interface unit 13 sends the information necessary for decrypting the encrypted data to the information processing device when the current time is within the expiration date.

According to such a configuration, the expiration date of the data written in the disk medium means 11 is managed by the removable disk device, and if the current time is not within the expiration date, the information processing device will write the encrypted data. Cannot be decrypted. Therefore, it is possible to prevent the illegal use of the data whose expiration date has passed. For example, if the license data of the software is written in the disk medium means 11, the removable disk device itself can manage the expiration date of the license.

In this case, the clock means 18 corresponds to, for example, the built-in clock 134 in FIG. 11 described later, and the function of the comparison means 19 corresponds to, for example, 135 in FIG. In the fifth aspect of the present invention, the removable disk device is used by being connected to an information processing device, and the disk medium means 1
1, an access unit 17, and a setting unit 20.

The setting means 20 sets the identification information of the owner of each sector of the disk medium means 11 and the information indicating the access restriction to each sector for users other than the owner. Then, when the user other than the owner of a certain sector attempts to access the sector using the information processing apparatus, the access unit 17 accesses the sector within the range of access restriction.

With such a configuration, an owner is set for each sector of the disk medium means 11, and it is possible to impose an access restriction on the sector to users other than the owner of a certain sector. As a result, one removable disk device can be used by a plurality of users, and data can be shared with other users within the range of appropriate access restrictions. Therefore, unauthorized access outside the range is prevented.

In this case, the setting means 20 corresponds to, for example, the user authentication section 311 of FIG. 31 described later. Further, the access restriction to users other than the owner corresponds to, for example, the authority other than the owner and the authority of the group in FIG. 32 described later.

In the sixth aspect of the present invention, the information processing device for reproducing the data of the removable disk device comprises a check means and an access means. The check means exchanges the authentication information generated by using the software identification information of the information processing device with the removable disk device so that the removable disk device has the non-rewritable identification information corresponding to the software identification information. Check whether or not. The access means accesses the data of the removable disk device when the removable disk device has the non-rewritable identification information.

When the information processing device tries to access the data of the removable disk device, the checking means authenticates the removable disk device using the software identification information, and the non-rewritable identification information corresponding to the software identification information. Authenticate the removable disk device that has the. Then, the access means accesses the data of the authenticated removable disk device.

According to such a configuration, if the software identification information of the information processing device and the identification information of the removable disk device do not correspond to each other, the information processing device cannot access the removable disk device. Therefore, if you try to access a removable disk device that does not have such identification information,
Access is prohibited. Therefore, it becomes possible to limit the removable disk devices that the information processing apparatus can access, and it is possible to prevent unauthorized use of data in other removable disk devices.

In this case, the checking means corresponds to, for example, the secure driver 43 in FIG. 6 described later, and the function of the access means corresponds to, for example, 88 and 89 in FIG. 7 described later. Further, the software identification information corresponds to, for example, the soft ID 48 in FIG. 6, and the exchanged authentication information is, for example, RANDOM // Soft ID and Soft Key // in FIG.
Supports RANDOM xor Drive ID // DES-MAC.

In the seventh aspect of the present invention, the information processing device for reproducing the data of the removable disk device comprises an authentication means and an access means. The authentication means exchanges the authentication information with the removable disk device by using the encryption key corresponding to the identification information of the user, thereby checking whether or not the removable disk device has the encryption key. If you have, authenticate the removable disk device. Then, after the removable disk device is authenticated, the access means accesses the data of the removable disk device in response to a request from the user.

When a user inputs identification information to the information processing apparatus and tries to access the data of the removable disk device, the authentication means uses the encryption key corresponding to the identification information to authenticate the removable disk device. Then, the removable disk device having the same encryption key is authenticated as an access target. Then, the access means accesses the requested data of the authenticated removable disk device.

According to this structure, the user cannot access the removable disk device unless the encryption keys of the user registered in both the removable disk device and the information processing device match. Therefore, even if an attempt is made to access a removable disk device that does not have such an encryption key, the access is prohibited. Therefore, unauthorized use of data in the removable disk device is prevented.

In this case, the function of the authentication means is, for example, 102, 109, 111, 112, 113, 11 in FIG.
4 and 115. Further, the authentication means also corresponds to the modules 273 and 274 of FIG. 26 described later. The function of the access means is, for example, 87, 8 in FIG.
Corresponding to 8 and 89.

Further, the encryption key corresponding to the user identification information corresponds to, for example, the HWKs 101 and 103 in FIG. 9, and the exchanged authentication information is, for example, E _HWK (R
1), E _HWK (R2), E _HWK (R1 xor HF
P), and E _HWK (R2 xor HFP).

[0034]

BEST MODE FOR CARRYING OUT THE INVENTION Embodiments of the present invention will be described in detail below with reference to the drawings. FIG. 2 shows the external appearance of the removable HDD. 2 removable HD
The D 22 is used by being connected to the information processing device (host) 21 via the interface cable 23.

The information processing device 21 corresponds to, for example, a PC (personal computer) or a content reproducing device (video reproducing device), and has a function of outputting data recorded in the HDD 22. The interface cable 23 is
For example, USB (Universal Serial Bus) or IEEE
(Institute of Electrical and Electronic Engineer
s) Corresponding to 1394.

FIG. 3 shows the appearance of another removable HDD. The removable HDD 24 shown in FIG.
It is used by being inserted into the slot 25 of the information processing device 21. The contents stored in the removable HDD include
It includes reproduction data such as video and music and copyright data (license data). In this embodiment, in order to manage these contents, an identification function, a secret key storage function, a communication concealment function, a user management function, a mutual authentication function, a clock function, and a sector management function are provided in the HDD and the information processing device. Set up. Basically, these functions can be realized by either software or hardware. In the following, each function will be described in order. (1) Identification function The HDD is provided with secret identification information (authentication number) corresponding to the serial number of the HDD on a one-to-one basis for individual identification. This identification information will be called a drive ID (DID). Unlike the serial number, a symbol string that cannot be easily analogized is used as the DID.

FIG. 4 shows an identification function using this DID. The removable HDD 31 is connected to an information processing device equipped with an OS (operating system) 32 and an application 33, and stores contents distributed by the distribution server 35. The application 33 is an application program that reproduces content, and does not store distribution data in a removable HDD that does not have a DID.

First, the application 33 is the OS 32.
To the HDD 31 and the OS 32 issues a DID request to the HDD 31 accordingly. The secure module 36 of the HDD 31, which has an identification function, sends the DID in plain text in response to a request from the OS 32. The OS 32 returns the received DID to the application 33 as a response, and the application 33 sends the DID to the distribution server 35 via the communication network 34 such as the Internet to request the distribution of the content.

The distribution server 35 authenticates the HDD 31 with the received DID and distributes the content. The application 33 passes the distributed content to the OS 32, and the file system driver 38 of the OS 32 stores the content in the medium 37 of the HDD 31. afterwards,
The application 33 is the file system driver 3
The content is read from the medium 37 via the decoder 8 and is decoded by the decoder 39 to be reproduced.

As described above, by providing the removable HDD with the secret identification information, the content management can be performed even if the HDD is separated from the information processing apparatus.
Therefore, the removable HDD can be used as a medium for video and music. (2) Private key storage function A function for registering a private key in the removable HDD is provided.
This function is applied to the HDD shipped together with a dedicated device driver (secure driver), and the manufacturer encrypts the master key in a safe place and registers it in the HDD and the secure driver.

FIG. 5 shows such a secret key storage function. The master key 41 managed by the distribution server 35 is distributed to the manufacturer 42 under strict control, and the manufacturer 42 sends H
The master key 41 is encrypted using the DID 46 of the DD 31 (44) and stored in the HDD 31 as the drive key 47.

Further, the maker 42 uses the secure driver 4
The master key 41 is encrypted (45) using the soft ID 48 which is the identification information of No. 3, and is added to the secure driver 43 as the soft key 49. As the software ID 48, D
As with the ID 46, a symbol string that cannot be easily analogized is used. In this way, the HDD 31 and the secure driver 43 holding the information of the common master key 41 are shipped from the manufacturer 42.

In this way, the master key is encrypted and the HDD is
By having both 31 and secure driver 43,
Authentication processing using the master key can be performed between the HDD 31 and the secure driver 43. (3) Communication concealment function (DID reading function) A function of concealing communication between the HDD and the information processing device to make eavesdropping difficult is provided. In FIG. 4, the secure driver 43 is installed in the OS 32, and when the DID is read from the HDD 31, the secure driver 43 securely receives the DID by using the preset soft key 48. When reading the DID at a place where it may be intercepted, a retransmission prevention protocol is used.

FIG. 6 shows the communication concealment function in such a dangerous place. When the DID request 52 is issued from the application in the information processing device 51, the secure driver 43 connects the software ID 48 and the random number 53 (54) and sends them to the HDD 31.

The HDD 31 receives the received software ID 48
And disconnect the random number 53 (55). Further, the drive key 47 is decrypted using the DID 46 (56), and the master key 41 is generated. Then, using the soft ID 48, the master key 4
1 is encrypted (57) and a soft key is generated.

Next, an exclusive OR (XOR) of the DID 46 and the random number 53 is generated (58) and connected with the soft key (5).
9). Further, as a message authentication code of the linked information, DES-MAC (Data Encryption Standard-M
essage Authentication Code) is generated (60), linked with the exclusive OR and the soft key (61), and sent to the secure driver 43.

The DES-MAC is signature information using the DES encryption method as a hash function, and is added to the transmission information for the same purpose as the checksum. It is also called a message digest.

The secure driver 43 disconnects the received connection information, generates an exclusive OR, DES-MAC and a soft key, and generates a DES-MAC from the exclusive OR (62). Then, the generated DES-MAC is stored in the HDD
Compare with DES-MAC received from 31 (63),
If they match, then the soft key 49 received from the HDD 31 is compared with the held soft key 49 (6
4).

If the two soft keys match, the HDD 31
The information received from the HDD 31 is determined to be valid, and the HDD 31
The exclusive OR obtained from the above and the exclusive OR of the random number 53 are calculated (65), and the DID 46 is taken out. DES-MA
If C or the soft key does not match, it is determined that the information received from the HDD 31 is invalid, and error processing is performed (66).

According to such a DID reading process,
In the secure driver 43, the HDD 31 has the software ID 48.
It is checked whether the HDD 31 has a DID 46 corresponding to the HDD 31 and it is confirmed that the HDD 31 has such a DID 46.
Access to 31 can be permitted. Therefore, another HDD having a different DID is the information processing device 5
When the information processing device 51 is connected to the HDD 1,
Cannot access the content of.

Further, since the software ID 48 and the DID 46 transferred between the HDD 31 and the information processing device 51 are hidden by the random numbers, the risk of eavesdropping on these secret information is reduced. Therefore, the privacy of the HDD 31 and the information processing device 51 is protected.

FIG. 7 shows a content distribution system using the secret key storage function of FIG. 5 and the communication concealment function of FIG. In this system, the distribution server 35 and the information processing device 72 perform the same processing as the information processing device 51 of FIG. 6 to read the DID 46 from the removable HDD 31. The HDD 31 sends the DID 46 with a signature, and the distribution server 35 and the information processing device 72 receive the received DID.
The HDD 31 is identified using 46.

First, the HDD 31 is connected to the information processing device 71 and sends out the DID 46 by the method shown in FIG. 6 (81). The information processing device 71 transmits the DID 46 to the distribution server 35, and the distribution server 35 receives the DID 46 by the method shown in FIG. 6 (72).

Next, the distribution server 35 encrypts the content work key (CWK) 83 using the DID 46 and E
_{The DID} (CWK) is generated (84), and the content (C) 85 is encrypted using the CWK 83 to generate E _CWK (C) (86). The CWK83 is a secret key of the content holder.

The distribution server 35 transmits E _DID (CWK) and E _CWK (C) to the information processing device 71, and the information processing device 71 passes the information to the HDD 31. Then, the HDD 31 stores E _DID (CWK) and E _CWK (C).
Are stored on the medium 37.

Next, the HDD 31 is another information processing device 72.
And sends the DID 46 by the method shown in FIG. 6 (81). The information processing device 72 uses the method shown in FIG.
Receives ID46 (87) and uses DID46 to E
Decode the _DID (CWK) to generate CWK73 (8
8). Then, E _CWK (C) is decrypted using _{CWK 73} (89), and the content 85 is taken out and displayed on the screen 90.

According to such a content distribution system, the information processing device 71 cannot directly access any information of the DID 46, the CWK 73, and the content 85. Therefore, even if the information processing device 71 is not reliable, unauthorized use of these pieces of information is prevented. On the other hand, the information processing device 72 corresponds to a reliable device used for reproducing the content 85. (4) User management function The name and password of the user who uses the HDD is recorded, and the read / write right is set for each user. In addition, attributes can be set for each user.

FIG. 8 shows such a user management function. The HDD 31 generates a random number R _N for retransmission prevention using the previously transmitted random number R _N-1 stored in the random number storage unit 91 as an initial value (92) and sends it to the information processing device 51. The sent R _N is stored in the random number storage unit 91.

The information processing apparatus 51 uses the received R _N as a key to identify the user (user name) 93 (USE).
R _n ) is encrypted and E _RN (USER _n ) is generated (9
4). Then, E _RN (USER _n ) is passed to the HDD 31.

The HDD 31 receives the received E_RN(USER
_n) To R_NDecrypt using USER _nIs generated (9
5). Then, from the user table 96 on the medium 37,
USER_nHost work key HWK corresponding to_n, Host-specific
Fixed pattern HFP_n, And user attribute A_nTake out
Used for subsequent processing.

HWK _n is a secret key held by the information processing device 51, and HFP _n is a fixed value for disturbance used in DES. Further, A _n corresponds to information such as a group to which the user belongs.

By providing such a user table 96, it becomes possible to set the host work key, the host fixed pattern, and the user attribute for each user, and the content management is performed for each user by using such information. You can (5) Mutual Authentication Function The removable HDD and the information processing apparatus use the host work key registered in advance to check whether or not the other party has the same host work key, and mutually authenticate each other.

FIG. 9 shows such a mutual authentication function. The HDD 31 and the information processing device 51 first exchange a random number for retransmission prevention, and then exchange a host fixed pattern. Then, when the random number and the host fixed pattern match on both sides, the authentication is completed, and the read / write operation is performed. H
The DD 31 does not perform read / write operations until the authentication is completed.

First, the information processing apparatus 51 encrypts the random number R1 by using the HWK101 stored in advance,
E _HWK (R1) is generated (102). And E
Pass _HWK (R1) to HDD 31.

The HDD 31 decrypts E _HWK (R1) using the _HWK 103 fetched from the user table (104). Next, the random number R2 is encrypted using the HWK103 to generate E _HWK (R2) (105). Then, E _HWK (R2) is sent to the information processing device 51.

HF retrieved from the user table
An exclusive OR of the decryption results (R1) of P106 and 104 is generated (107), encrypted using HWK103, and E
_HWK (R1 xor HFP) is generated (108).
Then, E _HWK (R1 xor HFP) is sent to the information processing device 51.

The information processing device 51 uses HWK101.
E_HWK(R2) is decoded (109), and the decoding result (R
2) and the exclusive logic of the HFP 110 held in advance
A sum is generated (111). And the exclusive OR is HWK
Encrypt using 101, E _HWK(R2 xor H
FP) is generated (112). And E_HWK(R2
xor HFP) to the HDD 31.

Also, the E received from the HDD 31
_HWK (R1 xor HFP) is decoded using HWK101 (113), and the decoding result (R1 xor HFP)
And an exclusive OR of the HFP 110 are generated (114). Then, the exclusive OR of 114 is compared with R1 (11
5) The authentication judgment is performed (116). If the exclusive OR matches R1, it can be seen that the HDD 31 holds the same HWK and HFP, and the HDD 31 is authenticated as a correct partner. If they do not match, the HDD 31 is not authenticated.

On the other hand, the HDD 31 uses the E _HWK (R2 xor HFP) received from the information processing device 51 as HWK1.
(117), and the decoding result (R2 xo
Generate an exclusive OR of rHFP) and HFP 106 (1
18). Then, the exclusive OR of 118 is compared with R2 (119), and authentication determination is performed (120). If the exclusive OR matches R2, the information processing device 51 has the same HWK and HW.
Since it can be seen that the FP is held, the information processing device 5
Authenticate 1 as the correct party. If they do not match, the information processing device 51 is not authenticated.

According to such an authentication method, not only the information processing apparatus 51 authenticates the HDD 31 but also the HDD 31
Can also authenticate the information processing device 51. HDD3
1 does not allow the information processing device 51 to access the content unless the information processing device 51 is authenticated. Therefore, it is possible to prevent unauthorized access to the content by the information processing device 51.

After the information processing device 51 and the HDD 31 mutually authenticate each other, the information processing device 51 can access the contents of the HDD 31 and read / write data.

The OS 32 in FIG. 4 corresponds to the OS of the information processing apparatus authenticated by the HDD 31, and the information processing apparatus 51 in FIG. 6 and the information processing apparatus 72 in FIG. 7 correspond to the information processing apparatus authenticated by the HDD 31. To do. The information processing device 71 in FIG. 7 and the information processing device 51 in FIG. 8 correspond to unauthenticated information processing devices. (6) Clock function The removable HDD has a built-in clock and manages the expiration date of the right. The management target is a sector, a file, or the like.

FIG. 10 shows registration of a time-limited license used in such a clock function. In this process, the DID 46 of the HDD 31 is encrypted and sent to the distribution server 35 via the information processing device 51. Delivery server 3
5 encrypts the content work key 83, the content expiration date 127, and the content body 85,
Write to D31. This expiration date 127 corresponds to the time-limited license.

First, the HDD 31 takes out the random number R _N-1 from the random number storage unit 91 and sends it to the authenticated information processing apparatus 51. The information processing device 51 generates a random number R _N for retransmission prevention using the received R _N-1 as an initial value (12
1), return to HDD 31.

The HDD 31 generates an exclusive OR of the DID 46 and R _N (122) and encrypts it using the _HWK 103 to generate E _HWK (DID xor R _N ) (12).
3). Then, sends E _HWK the (DID xor R _N) to the information processing apparatus 51.

The information processing device 51 receives the E
_HWK is decrypted using the (DID xor R _N) the HWK101 (124), the decoded result and calculates the exclusive logical sum of (DID xor R _N) and R _N, to generate the DID 46 (125). Then, the obtained DID 46 is transmitted to the distribution server 35.

The distribution server 35 receives the received DID 46.
Encrypt CWK83 using _DIDLive (CWK)
(126). In addition, the expiration date 127 (T_EXP) Oh
And content 85 (C) is encrypted using CWK83
And then E_CWK(T_EXP) And E _CWKGenerate (C)
(128 and 129). And this information
It is transmitted to the processing device 51. The information processing device 51 receives
Information is transferred to the HDD 31, and the HDD 31
_DID(CWK), E_CWK(T_EXP), And E_CWK(C)
It is stored on the medium 37.

In this way, the expiration date of the content is registered in the HDD 31, together with the content work key and the content. In FIG. 10, the random number storage unit 91 is the HDD
Although it is provided inside 31, it may be provided inside the information processing device 51.

When this HDD 31 is connected to an unauthenticated information processing device, the information processing device cannot read the DID 46 as shown in FIG. 7, but cannot read the content work key to reproduce the content. it can. In this case, the information of the expiration date 127 is decrypted in the HDD 31 and it is checked whether the expiration date has passed.

FIG. 11 shows the decoding of such a time-limited license. In this process, the expiration date T _EXP decrypted in the HDD 31 is compared with the date and time T _NOW of the internal clock 134, and if it expires, the content work key is not transmitted.

The HDD 31 is the unauthenticated information processing device 13
When connected to No. 1, first, E _DID (CWK) and E _CWK (T
_EXP ) is sent to the information processing device 131, and the information processing device 1
31 returns these pieces of information to the HDD 31 as they are.

Next, the HDD 31 decodes E _DID (CWK) using the _DID 46 to generate CWK (13).
2). Next, E _CWK (T _EXP ) is decoded using the obtained CWK to generate T _EXP (133). Then, the obtained T _EXP is compared with the date and time T _NOW of the internal clock 134 (13
5).

If T _NOW is smaller than T _EXP , it means that the CWK is sent to the information processing device 131 because it is within the valid period (1
36), if T _NOW is greater than or equal to T _EXP , the expiration date has expired and CWK is not sent to the information processing device 131.

Information processing device 131 receiving CWK
_Reads E _CWK (C) from the HDD 31. And
E _CWK (C) is decrypted using _CWK , content C is taken out and displayed on screen 90.

By providing such a clock function, it becomes possible to store and manage the license on the medium 37. As a result, the HDD 31 can be moved with a license even when the connected information processing device is changed. (7) Sector management function A read / write right and a usage period are set for each sector of the removable HDD, and data recorded on the medium is managed for each sector.

FIG. 12 shows the logical structure of one sector (logical sector) which is the minimum unit of recording on the medium 37. A security tag 141 is provided in each sector, and security is realized by setting access restrictions to the data 142 using the security tag 141. The following information is recorded in the security tag 141. 1. 1. Identification information of the owner (user) of the sector Expiration date 3. Read / write restrictions from other than the owner 4. The read / write restricted HDD from the group to which the owner belongs uses the user management function of FIG. 8 and the mutual authentication function of FIG. 9 together to distinguish the owner of the sector. The information processing apparatus checks whether the user who wants to use the HDD is registered in the user table 96 in FIG. 8, and if it is not registered, registers it in the user table 96. At this time, the host work key used for mutual authentication, the host fixed pattern, and the user attribute are also registered together with the identification information of the user. The procedures for registration and mutual authentication are as follows. 1. The information processing apparatus checks whether or not the corresponding host work key, host fixed pattern, and user attribute are registered in the HDD based on the user identification information. 2. If not registered, the information is registered in the HDD. 3. Using the registered host work key and host fixed pattern, the HDD is authenticated and the HDD is accessed (encrypted communication). 4. The user can access the sector owned by the user and the sector not owned by the user, and at the same time can set the access restriction. Sectors owned by others are subject to set access restrictions. At this time, it is possible to read and write within the range of the sector to which the read / write restriction from the group to which the user belongs is set. 5. The user can disconnect the HDD from the information processing device while registering his / her host work key and host fixed pattern. When the HDD is disconnected from the information processing apparatus, the authenticated state is released and the HDDs are not authenticated with each other. 6. When the host work key and the host fixed pattern are deleted from the HDD, the ownership of the sector is deleted after the data of the sector owned by the corresponding user is deleted.
When the expiration date of a sector has passed, the data and access restrictions of that sector are erased.

The host work key and the host fixed pattern are managed by each user who is an administrator, and the HDD
Receives this information from the user. According to such a sector management function, since data can be managed for each sector, a plurality of contents can be stored in one HDD. Further, since different owners can be set for each sector, one HDD can be used by a plurality of users.

Next, the configuration and operation of the removable HDD will be described in more detail with reference to FIGS. 13 to 32. FIG. 13 is a configuration diagram of the removable HDD 31. The HDD shown in FIG. 13 is a PCA (printed circuit board) 151.
And a DE (disk enclosure) 152.

The PCA 151 is a CPU (central processing unit)
161, CLOCK (internal clock) 162, RAM (random access memory) 163, MASKROM (read only memory) 164, I / F (interface) 1
65, HDC (hard disk control circuit) 166, SV
A C (servo circuit) 167 and an RDC (read channel) 168 are provided.

The DE 152 is a media (medium).
37, SPM (spindle motor) 171, VCM (voice coil motor) 172, HEAD (head) 17
3 and PREAMP (preamplifier) 174.

MASKROM 164 on PCA 151
Is a non-rewritable memory and stores firmware (program) for controlling the operation of the HDD. The CPU 161 is a processor, and controls the operation of the HDD by executing a program stored in the MASKROM 164 using the RAM 163. CLOC
The K162 corresponds to the built-in clock 134 in FIG. 11 and is battery operated. The I / F 165 is an ATA (AT Attachment) interface for communicating with the information processing apparatus at the connection destination.

The HDC 166 is a group of security functions and various control circuits. SVC167 is SP
The position of the head 173 is controlled while keeping the rotation of M171 constant. The RDC 168 converts the analog signal from the DE 152 into a digital signal.

The medium 37 in the DE 152 is a magnetic disk (disk coated with a magnetic material), the SPM 171 is a motor for rotating the medium 37, and the VCM 172 is a coil and a magnet for moving the head 173. Head 173
Reads and writes the magnetic pattern of the medium 37 as an analog signal, and the PREAMP 174 amplifies the analog signal of the head 173. Data is exchanged between the PCA 151 and the DE 152 via the RDC 168 and the PREAMP 174.

When the HDD is used in the form as shown in FIG. 3, the PCA 151 can be incorporated in the information processing apparatus side, and therefore the HDD may have only the DE 152. In addition, the secure module 36 of FIG.
Corresponds to 51.

The MASKROM 164 stores firmware as shown in FIG. INIT (initial setting unit) 181 performs various initial settings and sets setting values necessary for hardware, and CKSM (checksum unit)
182 checks the validity of the firmware itself before booting. The CMD (command analysis unit) 183 receives and interprets a command and executes a necessary routine.

FRW (firmware rewriting section) 18
Reference numeral 4 manages whether or not the firmware can be rewritten and rewrites the firmware, and DES (DES unit) 185 performs encryption processing and decryption processing. MAC (cryptographic checksum part)
186 generates a DES-MAC value, and USR (user part) 187 performs user registration and user management.

An AUT (authentication unit) 188 performs an authentication process of the information processing device, and a DID (drive ID unit) 189.
Sends the DID. SEEK 190
Controls the position of the head 173, and the READ (reading unit) 191 reads the sector. WRITE
The (writing section) 192 performs writing to the sector,
The OTHERS 193 has an infrastructure function necessary for the operation of the HDD.

The firmware is stored in the system area (SA) on the medium 37, and when the power is turned on (power on), the MASKROM is read by the firmware loader.
164 is loaded.

Next, a non-volatile function provided in the HDD for realizing the identification function of FIG. 4, the secret key storage function of FIG. 5, and the mutual authentication function of FIG. 9 will be described. The non-volatile function is a function of creating a non-rewritable storage area (secure area) on the medium 37 for storing the DID. As a method of mounting the non-volatile function, a method of replacing the firmware or the head before and after shipping the HDD can be considered.

In the method of replacing the firmware, the specifications of the firmware and its loader are combined and replaced in order in the manufacturing process to realize a pseudo non-volatile area that cannot be written in the field after shipment on the medium.

FIG. 15 shows specifications of four pieces of firmware which are sequentially installed in the HDD. Step S1,
In S2, S3, and S4, SRT firmware, shipping firmware, device authentication revision firmware, and device authentication shipping firmware are used, respectively. Of these, the SRT firmware and the device authentication modification firmware are used only in a factory where security is ensured.

The SRT firmware, the shipping firmware, and the device authentication revision firmware can write to the non-volatile area, but the device authentication shipping firmware cannot write to the non-volatile area.

FIG. 16 is a flowchart of the procedure for rewriting these firmwares. Step S of FIG.
1 and S2 correspond to steps S11 and S12 of FIG. 16, respectively, and steps S3 and S4 of FIG.
Corresponds to step S13 in FIG.

At the time of manufacture, first, the SRT firmware is used to rewrite it to the shipping firmware (step S11), and the shipping firmware is used to rewrite it to the device authentication revision firmware (step S12). Next, the device authentication shipping firmware is loaded using the device authentication modified firmware (step S13), and it is checked whether the DES-MAC attached thereto is correct (step S14).

If the DES-MAC is correct, the device authentication revision firmware is rewritten to the device authentication shipping firmware (step S15), and the HD having the nonvolatile function is obtained.
D is shipped to the field. On the other hand, if the DES-MAC is not correct, the firmware cannot be rewritten (step S16). The method of checking the DES-MAC will be described later.

When it becomes necessary to write to the nonvolatile area after the device authentication shipping firmware is mounted on the HDD and shipped, the device authentication shipping firmware is replaced with the device authentication modified firmware.

In this case, the device authentication revision firmware is loaded using the device authentication shipping firmware (step S13), and the DES-MAC is checked (step S14). If the DES-MAC is correct, the device authentication shipping firmware is rewritten to the device authentication revision firmware (step S15), and the DES-MAC
If is not correct, the firmware cannot be rewritten (step S16).

Further, in the method of exchanging the heads, the position deviation between the read core and the write core of the heads is used, and two heads having different deviation directions are used to create a physically unrewritable area on the medium. To do.

At the time of manufacture, first, as shown in FIG.
The DID is written in the outermost peripheral portion of the medium 37 using the head 201 having the write core (W) on the outer peripheral side. And
As shown in FIG. 18, the HDD is shipped by replacing the head 202 with the read core (R) on the outer peripheral side and the write core on the inner peripheral side. As a result, the outermost peripheral portion of the medium 37 becomes a readable but unwritable non-volatile area, and the DID cannot be rewritten in the field.

Next, the work key generation function used in the secret key storage function of FIG. 5 will be described. The work key generation function is a function of encrypting the master key 41 using the DID 46 and generating the drive key 47.

FIG. 19 shows the work key generation processing by the DES 185 of FIG. Master key (KM) 211
The work key (WK) 213 corresponds to the master key 41 and the drive key 47 in FIG.
Is a predetermined fixed value.

The DES 185 first divides the KM211 into three equal parts to generate KM1, KM2, and KM3, divides the DID46 read from the medium 37 into three equal parts, and divides the DID46 into three parts.
1, DID2, and DID3 are generated. Next, IV
An exclusive OR of 212 and DID1 is used as an initial value to generate WM1, WM2, and WM3 by the triple DES method. Then, WM1, WM2, and WM3 are linked to generate WK213.

FIG. 20 is a block diagram of a work key generation circuit having the same function as the DES 185. Instead of the DES 185, such a circuit may be provided on the PCA 151. IV register 221, DID1 register 222,
DID2 register 223 and DID3 register 22
4 stores the values of IV212, DID1, DID2, and DID3, respectively.

The selector 226 has the TEMP register 22.
5 or the value of the IV register 221 and select the selector 2
27 is a DID1 register 222 and a DID2 register 2
23 or the value of the DID3 register 224 is selected. The XOR 228 calculates the exclusive OR of the outputs of the selectors 226 and 227.

MK1 register 230, MK2 register 2
31 and the MK3 register 232 are respectively MK
The values of 1, MK2, and MK3 are stored. Selector 2
33 is the MK1 register 230 and the MK2 register 23
1 or the value of the MK3 register 232 is selected.

The DES 234 performs the DES encryption operation using the outputs of the XOR 228 and the selector 233, and stores the operation result in the TEMP register 225, the WK1 register 235, the WK2 register 236, and the WK3 register 237. The sequencer 229 controls the operation sequence of the selector and the register.

19 and 20, the method of generating the drive key 47 of FIG. 5 has been described, but the soft key 49 of FIG. 5 is also generated by the same firmware or circuit. Next, the cryptographic checksum function used in the communication concealment function of FIG. 6 will be described. The cryptographic checksum function is a DES- that is used to prevent program tampering.
This is a function of generating a MAC. When recording the program code on the medium, the HDD adds a correct MAC value in advance and compares the MAC value newly generated before execution with the recorded MAC value. If the two MAC values are different, it is considered that the program code has been tampered with, and the program code is not executed.

FIG. 21 shows the cryptographic checksum processing by the MAC 186 of FIG. The MAC 186 first reads the program code 241 recorded in the medium 37.
Is loaded on the RAM 163 (step S21), and the program code 241 and the work key 243 to the MAC 244.
Is generated (step S22).

At this time, the program code 241 is divided into n pieces in units of M bits to perform the DES encryption operation, and the result is set as the MAC value. For the next M bits, the MAC value generated from the previous M bits is subjected to the exclusive OR operation and then the encryption operation is performed to generate the MAC value. Thus, after repeating the encryption operation n times, the MA
C244 is generated.

Next, the obtained MAC 244 is compared with the MAC 242 recorded in the medium 37 (step S2).
3). If the MAC 244 and the MAC 242 match, the determination result that the program code 241 is executable is output, and if the MAC 244 and the MAC 242 do not match, the determination result that the program code 241 is not executable is output.

In the case of FIG. 6, a DES-MAC is generated using the value of Soft Key // RANDOM xor Drive ID instead of the program code 241 (60) and is sent from the HDD 31.

FIG. 22 is a block diagram of a cryptographic checksum circuit having the same function as the MAC 186. MAC18
Instead of 6, such a circuit may be provided on the PCA 151. MAC register 251, input register 25
2 and the work key register 253 store the generated MAC value, the program code 241, and the work key 243, respectively.

The XOR 254 calculates the exclusive OR of the values in the MAC register 251 and the input register 252.
The DES 255 performs a DES encryption operation using the operation result of the XOR 254 and the value of the work key register 253, and stores the result in the MAC register 251. Then, after repeating the encryption operation n times, the MAC 244 is output.

The MAC register 256 stores the MAC 242. The comparator 257 compares the value of the MAC register 256 with the MAC 244 output from the DES 255, and outputs the result as a determination result.

Next, the user registration function used in the user management function of FIG. 8 will be described. The user registration function is
This is a function of registering a user in the user table 96 of FIG. FIG. 21 shows a user registration process by the USR 187 and the information processing device of FIG. This processing is performed when the user inputs the user name into the information processing device in order to use the HDD.

First, the information processing apparatus requests a user list from the HDD (step S31), and the USR18 of the HDD
7 returns a list of user names registered in the user table (step S32). Next, the information processing device
Referring to the received list, the entered user name is H
It is checked whether it is registered in DD (step S33). And if the user name is already registered,
The mutual authentication process of FIG. 9 is performed (step S40).

If the user name is not registered, the information processing apparatus uses the user name, the host work key, the host fixed pattern, and the group name as user registration information in the HDD.
And requests registration to the user table (step S34). Then, the USR 187 registers the received information in the user table (step S35). Thus, the user table as shown in FIG. 24 is generated.

Next, the information processing apparatus requests the user list again (step S36), and the USR 187 returns the updated user list (step S37). And
The information processing device checks whether or not the input user name is registered (step S38). If the user name is registered, the process of step S40 is performed, and if the user name is not registered, an error process is performed (step S39).

Next, the mutual authentication function of FIG. 9 will be described in more detail. According to this function, mutual authentication is performed between the information processing apparatus and the HDD using the host work key and the host fixed pattern set by the user.

FIG. 25 shows the sequence of such a mutual authentication function. The user name, host work key, and host fixed pattern are set in advance in the information processing device and H
Register with both DDs. Also, ATA # 80 is an encrypted transmission command (interface), and ATA # 81
Is a cipher reception command.

First, the information processing apparatus generates a random number R1 (step S41) and encrypts it with a host work key to generate E (R1) (step S42). And
E (R1) is transmitted to the HDD together with the user name USER (step S43).

The HDD decrypts E (R1) with the host work key corresponding to the user name (step S44). Next, a random number R2 is generated (step S45) and encrypted with the host work key to generate E (R2) (step S46). Then, E (R2) is transmitted to the information processing device.

The information processing apparatus uses the host work key to E (R
2) is decrypted (step S47), bit inversion is performed with the host fixed pattern (step S48), and then encrypted with the host work key to generate E (R2 ') (step S).
49). Then, E (R2 ′) is transmitted to the HDD.

The HDD uses E (R2 ') with the host work key.
Is decoded (step S50), bit inversion is performed using the host fixed pattern (step S51), and the inversion result is compared with R2 (step S52). If the reversal result does not match R2, the information processing device is not authenticated (step S5).
3).

If the inversion result matches R2, the information processing device is authenticated, and then R1 decrypted in step S44 is bit-inverted with the host fixed pattern (step S5).
4). Then, the inversion result is encrypted with the host work key to generate E (R1 ′) (step S55) and transmitted to the information processing device.

The information processing apparatus uses the host work key to E (R
1 ') is decoded (step S56), bit inversion is performed with the host fixed pattern (step S57), and the inversion result is R
It is compared with 1 (step S58). If the reverse result does not match R1, the HDD is not authenticated (step S5).
9). If the inversion result matches R1, the HDD is authenticated,
Mutual authentication is completed (step S60).

When the program of the information processing apparatus and the AUT 188 of FIG. 14 cooperate to perform the processing of such a sequence, for example, the mutual authentication processing as shown in FIG. 9 is performed. On the other hand, when this sequence is implemented by hardware, a mutual authentication mechanism as shown in FIG. 26 is used.

In the mutual authentication mechanism of FIG. 26, the HDD
Includes a host fixed pattern register 261, a host work key register 262, a random number R2 module 263, and a fixed pattern module 264 on the PCA 151 instead of the AUT 188. In addition, the information processing device
The host fixed pattern register 271, the host work key register 272, the random number R1 module 273, and the fixed pattern module 274 are provided.

The host fixed pattern registers 261 and 271 store the host fixed pattern HFP, and the host work key registers 262 and 272 store the host work key HWK. Upon receiving the activation signal 275, the random number R1 module 273 generates a random number R1 and
_{The HWK} (R1) is transmitted to the random number R2 module 263.

The random number R2 module 263 uses the E _HWK (R
1) is decrypted, R1 is passed to the fixed pattern module 264, a random number R2 is generated, and E _HWK (R2) is random number R1.
Send to module 273. Then, the random number R1 module 273 decodes E _HWK (R2) and passes R2 to the fixed pattern module 274. Fixed pattern module 274 includes R2, HFP, and HWK to E
_HWK (R2 xor HFP) is generated and transmitted to the fixed pattern module 264.

The fixed pattern module 264 is E _HWK
R2 is extracted from (R2 xor HFP), compared with R2 generated by the random number R2 module 263, and the determination result is output. Also, E _HWK (R1 xor HFP) is generated from R1, HFP, and HWK and transmitted to the fixed pattern module 274.

The fixed pattern module 274 is E _HWK
R1 is extracted from (R1 xor HFP) and compared with R1 generated by the random number R1 module 273, and the determination result is output.

Next, the DID sending function used in the identification function of FIG. 4 will be described. In the communication concealment function of FIG. 6, the information processing apparatus reads the DID from the HDD using the soft ID, but the HDD provides the DID to the information processing apparatus using the host work key and the host fixed pattern set by the user. It is also possible to do so.

FIG. 27 shows the sequence of such a DID sending function. It is assumed that the user name, the host work key, and the host fixed pattern are registered in advance in both the information processing device and the HDD, and the mutual authentication between the information processing device and the HDD has been completed. Also, ATA # x
x is an encryption transmission command (interface), and AT
A # yy is a cipher reception command.

The sequence of steps S61 to S64 in FIG. 27 is the same as the sequence of steps S41 to S44 in FIG. When the HDD obtains the random number R1 from E (R1), it next bit-inverts the DID with R1 (step S65) and further bit-inverts it with the host fixed pattern (step S66) to generate the MID. And R
1 and MID are concatenated and encrypted with the host work key, then E
(R1 + MID) is generated (step S67) and transmitted to the information processing device.

The information processing apparatus uses the host work key to E (R
1 + MID) is decoded (step S68). And
The MID is bit-inverted with the host fixed pattern (step S69), and further bit-inverted with R1 (step S7).
0), DID is acquired (step S71).

When the program of the information processing apparatus and the firmware of the HDD cooperate to perform the processing of such a sequence, for example, the DID transmission processing as shown in FIG. 28 is performed.

[0148] However, in the process of FIG. 28, instead of the random number R1 is used to R _N, it is assumed that all bits of the host fixed pattern is 0. In this case, since the exclusive OR of the given pattern P and the host fixed pattern coincides with P, this operation is omitted.

First, the information processing apparatus uses the random number storage unit 281.
Random number R _N-1 is extracted from R _n-1 , and R _N-1 is used as an initial value to generate a random number R _N for preventing retransmission (282). Then, R _N is passed to the HDD.

HDD has DID and R_NThe exclusive OR of
Created (283), encrypted using HWK, E
_HWK(DID xor R_N) Is generated (284). So
And then E_{HW K}(DID xor R_N) As an information processing device
Send out.

The information processing apparatus receives the E _HWK (DI
D xor R _N ) is decoded using HWK (28
5), calculate the exclusive OR of the decryption result and R _N , and
Is generated (286). At this point, the DID transmission process is completed, and thereafter, the content is downloaded and reproduced using the DID.

First, the information processing apparatus transmits the obtained DID to the distribution server. The distribution server receives the DI
The CWK is encrypted using D to generate E _DID (CWK) (287), and the content C is encrypted using CWK to generate E _CWK (C) (288). Then, these pieces of information are transmitted to the information processing device.

The information processing apparatus stores the received information in the HDD
HDD to E _DID (CWK) and E _CWK (C)
Is stored on the medium. Next, from the HDD to E _DID (CW
K) is read, E _DID (CWK) is decoded using _DID , and CWK is taken out (289). And HDD
Read E _CWK (C) from the
_{The CWK} (C) is decrypted (290), the content C is taken out and displayed on the screen 90.

[0154] E _DID (CWK) and E _CWK (C) is able to replicate freely, there is no correct DID if E _DID (CW
Since K) cannot be decrypted, it is also impossible to reproduce the content C. Therefore, even if these pieces of information are copied from the HDD initially stored to another HDD, they cannot be used, and the illegal use of the content C is prevented. In FIG. 28, the random number storage unit 281 is provided in the information processing device, but it may be provided in the HDD.

FIG. 29 shows an example of a mechanism for realizing the DID sending function by hardware. In this DID sending mechanism, unlike the sequence of FIG. 27, the DID is encrypted by the random number R1 and sent. HDD is DE
The information processing apparatus includes the S encryption module 291 and the random number R1 module 292 and the DES decryption module 2
93 is provided.

The random number R1 module 292 uses the start signal 2
It is activated by 94 and generates a random number R1 and sends it to the DES encryption module 291. DES encryption module 29
1 encrypts the DID 46 with the received R1 and E
Generate _R1 (DID). Then, E _R1 (DID) is set to D
Send to ES decryption module 293. The DES decryption module 293 decrypts E _R1 (DID) with R1 and outputs the DID.

Next, FIG. 1 used in the clock function of FIG.
CLOCK 162 of No. 3 will be described. FIG. 30 shows C
It is a block diagram of LOCK162. CLOCK162 is
Standard time radio wave reception device 301, battery 302, clock IC
(Integrated Circuit) 303 and diode 3
Including 04 and 305.

The standard time radio wave receiver 301 receives the standard time radio wave and transfers the standard time information to the clock IC 303. The clock IC 303 is the standard time radio wave reception device 301.
From the information processing apparatus to which the HDD is connected, as well as the standard time. Then, when the standard time is input, the current time is adjusted to the standard time, and when the standard time is not input, the current time is adjusted to the corrected time.

Next, the sector management function using the security tag of FIG. 12 will be described in more detail. Figure 31
Shows such a sector management function. The user authentication unit 311 and the sector address replacement unit 312 are
For example, the MA of FIG. 13 implemented by firmware.
It is stored in the SKROM 164.

Non-security sector group 314 of medium 37
Corresponds to a sector group in which access restriction is not set, and the security sector group 315 corresponds to a sector group in which access restriction using a security tag is set. The sector authentication table 313 is a table in which the security tags of the security sector group 315 are registered, as shown in FIG. 32, and the system area 316 of the medium 37.
Stored in.

The information processing apparatus 51 issues a general read / write command, a read / write command with authentication attribute, and a user authentication command to the HDD. When the general read / write command is issued, the sector address reading unit 31
2 interprets the received command and reads and writes to the non-security sector group 314. In this case, reading and writing is prohibited for the security sector group 315.

When a read / write command with an authentication attribute and a user authentication command are issued, the user authentication unit 311 performs user authentication by using the user management function of FIG. 8 and the mutual authentication function of FIG. When completed, the read / write command is passed to the sector address replacement unit 312. Also, the user authentication unit 311 changes the access restriction of the sector authentication table 313 when requested by the information processing device 51.

The sector address re-reading unit 312 interprets the received command, and the non-security sector group 3
14 and the security sector group 315 are read and written. In this case, the security sector group 315 is read and written within the access restriction range registered in the sector authentication table 313.

By the way, the information processing apparatus to which the removable HDD is connected implements each function by software or hardware. When using software, the application 33 of FIG. 4 and the secure driver 4 of FIG.
Necessary processing is performed by executing a program such as 3. Therefore, it is provided with a memory for storing those programs and data used for processing, and a processor for executing the programs. Furthermore, an interface for communicating with the HDD, a network interface for communicating with the distribution server, an input device for inputting instructions and information from the user,
And an output device for reproducing the content.

FIG. 33 shows a computer-readable recording medium capable of supplying a program and data to such an information processing apparatus. Portable recording medium 32
1 and the programs and data stored in the database 323 of the server 322 are loaded into the memory 324 of the information processing device. At this time, the server 322 generates a carrier signal for carrying the program and data, and transmits the carrier signal to the information processing device via an arbitrary transmission medium on the communication network.
Then, the information processing device executes the program using the data and performs the necessary processing.

The portable recording medium 321 is a memory card, a flexible disk, a CD-ROM (compact disk).
sk read only memory), optical disks, magneto-optical disks, etc. are used.

Further, the distribution server for distributing contents to the information processing apparatus has a memory for storing programs and data used for distribution processing including encryption, a processor for executing the programs, and a network interface for communicating with the information processing apparatus. With.

In the embodiment described above, the magnetic disk is used as the medium of the removable HDD, but another disk medium such as an optical disk or a magneto-optical disk may be used. The usage forms of the removable HDD include the following. (1) Do not put the content in the HDD, sell it to the user as it is empty, and deliver the content later. The user
A plurality of copyrighted works can be stored in the HDD. (2) Rental HD containing digital rental videos
D. (3) Buffer HDD of digital broadcast receiver. (4) On-demand distribution buffer HDD of the set top box. (5) Digital video recording buffer HDD. (6) Distribution media for home videos. (7) Media for backup of copyrighted application programs and OS in PC environment. (8) Mobile electronic library. (9) Portable video library (10) Portable music library (11) Trunk for transporting electronic data (not copied during transport). (12) Electronic data safe (locked). (Supplementary Note 1) A removable disk device used by connecting to an information processing device that receives data from a distribution server, the disk medium means having unrewritable identification information recorded, and a request from the information processing device. Depending on,
Read means for reading the identification information from the disk medium means, and sending the identification information to the information processing device,
Removable disk, characterized in that the information processing apparatus comprises interface means for receiving data received from the distribution server from the information processing apparatus using the identification information, and writing means for writing the data in the disk medium means. apparatus. (Supplementary Note 2) A removable disk device used by being connected to an information processing device for reproducing data, the disk medium means having non-rewritable identification information recorded thereon,
Write means for writing data encrypted by a method that can be decrypted using the identification information to the disk medium means, and interface means for transmitting the identification information and the encrypted data to the information processing apparatus A removable disk device comprising: (Supplementary Note 3) A removable disk device used by connecting to an information processing device, the disk medium device, a registration device for registering user identification information and an encryption key in association with each other, and a user received from the information processing device. By exchanging the authentication information with the information processing apparatus by using the encryption key corresponding to the identification information, it is checked whether the information processing apparatus has the encryption key, and the information processing apparatus uses the encryption key. An authentication unit that authenticates the information processing apparatus if it has, and an access unit that accesses the disk medium unit in response to a request from the information processing apparatus after the information processing apparatus is authenticated. Removable disk device. (Supplementary Note 4) A removable disk device used by being connected to an information processing device for reproducing data, wherein disk medium means, encrypted data, and information indicating an expiration date of the data are written in the disk medium means. Write means, clock means for outputting the current time, comparing means for comparing the current time with the expiration date, and for decrypting the encrypted data when the current time is within the expiration date A removable disk device comprising: interface means for sending information necessary for the information processing device to the information processing device. (Supplementary Note 5) A removable disk device used by being connected to an information processing device, comprising: a disk medium unit; identification information of an owner of each sector of the disk medium unit;
Setting means for setting information indicating access restriction to each sector for users other than the owner, and when a user other than the owner of a certain sector attempts to access the sector using the information processing device, A removable disk device, comprising: an access unit for accessing the sector within an access restriction range. (Supplementary Note 6) An information processing device for reproducing data of a removable disk device, wherein authentication information generated using software identification information of the information processing device is exchanged with the removable disk device to thereby remove the removable disk device. Checking means for checking whether or not the device has non-rewritable identification information corresponding to the software identification information; and when the removable disk device has the non-rewritable identification information, the removable disk device An information processing device comprising: (Supplementary Note 7) An information processing device for reproducing data of a removable disk device, wherein the removable disk device is configured to exchange the authentication information with the removable disk device by using an encryption key corresponding to user identification information. After checking whether or not the removable disk device has the encryption key and authenticating the removable disk device if the removable disk device has the encryption key, and after the removable disk device is authenticated, An information processing apparatus comprising: an access unit that accesses data in the removable disk device in response to a request. (Supplementary Note 8) Receiving means for receiving a data request together with the identification information from the information processing device connected to the removable disk device in which the non-rewritable identification information is recorded, and the requested data using the identification information. A distribution server comprising: an encryption unit that encrypts by a method that enables decryption, and a distribution unit that distributes the encrypted data to the information processing apparatus. (Supplementary note 9) A program for an information processing device for reproducing data of a removable disk device, wherein the authentication information generated by using the software identification information of the program is exchanged with the removable disk device to remove the removable disk device. When it is checked whether the disk device has the non-rewritable identification information corresponding to the software identification information, and when the removable disk device has the non-rewritable identification information,
A program for causing the information processing device to execute a process of accessing data of the removable disk device. (Supplementary Note 10) A program for an information processing device for reproducing data of a removable disk device, comprising: exchanging authentication information with the removable disk device by using an encryption key corresponding to identification information of a user. Check whether or not the disk device has the encryption key, and if the removable disk device has the encryption key, authenticate the removable disk device,
A program for causing the information processing apparatus to execute a process of accessing data of the removable disk device in response to a request from the user after the removable disk device is authenticated. (Supplementary Note 11) A recording medium recording a program for an information processing device for reproducing data of a removable disk device, the program including authentication information generated by using software identification information of the program. By interacting with the device, it is checked whether the removable disk device has the non-rewritable identification information corresponding to the software identification information, and the removable disk device has the non-rewritable identification information. A computer-readable recording medium, which causes the information processing apparatus to execute a process of accessing data of the removable disk device when the recording medium is present. (Supplementary Note 12) A recording medium for recording a program for an information processing apparatus for reproducing data of a removable disk device, the program authenticating with the removable disk device using an encryption key corresponding to user identification information. By exchanging information, it is checked whether or not the removable disk device has the encryption key. If the removable disk device has the encryption key, the removable disk device is authenticated, and the removable disk device is authenticated. A computer-readable recording medium, which causes the information processing apparatus to execute a process of accessing data in the removable disk device in response to a request from the user after the authentication is performed. (Supplementary Note 13) A carrier signal for carrying a program to an information processing device for reproducing data of a removable disk device, the program including authentication information generated by using software identification information of the program, to the removable disk device. By exchanging, it is checked whether or not the removable disk device has the non-rewritable identification information corresponding to the software identification information, and when the removable disk device has the non-rewritable identification information. And a carrier signal for causing the information processing apparatus to execute a process of accessing data of the removable disk device. (Supplementary Note 14) A carrier signal for carrying a program to an information processing device for reproducing data of a removable disk device, wherein the program uses the encryption key corresponding to the identification information of the user to identify the removable disk device and the authentication information. By exchanging, it is checked whether or not the removable disk device has the encryption key. If the removable disk device has the encryption key, the removable disk device is authenticated, and the removable disk device is authenticated. And a carrier signal that causes the information processing apparatus to execute a process of accessing data of the removable disk device in response to a request from the user. (Supplementary Note 15) A data request is received together with the identification information from an information processing device connected to a removable disk device in which the non-rewritable identification information is recorded, and the requested data can be decrypted using the identification information. A data distribution method comprising: encrypting the encrypted data and distributing the encrypted data to the information processing apparatus.

[0169]

According to the present invention, content management is performed even if the removable disk device is separated from the information processing device, so that the unauthorized use of the content can be prevented. Therefore, the removable disk device can be widely used as a medium for video and music.

[Brief description of drawings]

FIG. 1 is a principle diagram of a removable disk device of the present invention.

FIG. 2 is a diagram showing a first removable HDD.

FIG. 3 is a diagram showing a second removable HDD.

FIG. 4 is a diagram showing an identification function.

FIG. 5 is a diagram showing a secret key storage function.

FIG. 6 is a diagram showing a communication concealment function.

FIG. 7 is a diagram showing a content distribution system.

FIG. 8 is a diagram showing a user management function.

FIG. 9 is a diagram showing a mutual authentication function.

FIG. 10 is a diagram showing registration of a time-limited license.

FIG. 11 is a diagram showing decryption of a time-limited license.

FIG. 12 is a diagram showing a logical structure of a sector.

FIG. 13 is a configuration diagram of a removable HDD.

FIG. 14 is a configuration diagram of firmware.

FIG. 15 is a diagram showing specifications of firmware.

FIG. 16 is a flowchart of a firmware rewriting procedure.

FIG. 17 is a diagram showing a first head.

FIG. 18 is a diagram showing a second head.

FIG. 19 is a diagram showing a work key generation function.

FIG. 20 is a configuration diagram of a work key generation circuit.

FIG. 21 is a diagram showing cryptographic checksum processing.

FIG. 22 is a configuration diagram of a cryptographic checksum circuit.

FIG. 23 is a diagram showing a user registration process.

FIG. 24 is a diagram showing a user table.

FIG. 25 is a diagram showing a sequence of a mutual authentication function.

FIG. 26 is a diagram showing a mutual authentication mechanism.

FIG. 27 is a diagram showing a sequence of a DID sending function.

FIG. 28 is a diagram showing a DID transmission process.

FIG. 29 is a diagram showing a DID sending mechanism.

FIG. 30 is a configuration diagram of CLOCK.

FIG. 31 is a diagram showing a sector management function.

FIG. 32 is a diagram showing a sector authentication table.

FIG. 33 is a diagram showing a recording medium.

[Explanation of symbols]

11 Disk Medium Means 12 Read Means 13 Interface Means 14 Write Means 15 Registration Means 16 Authentication Means 17 Access Means 18 Clock Means 19 Comparing Means 20 Setting Means 21, 51, 71, 72, 131 Information Processing Devices 22, 24, 31 HDD 23 Interface cable 25 Slot 32 OS 33 Application 34 Communication network 35 Distribution server 36 Secure module 37 Medium 38 File system driver 39 Decoder 41 Master key 42 Manufacturer 43 Secure driver 46 Drive ID (DID) 47 Drive key 48 Soft ID 49 Soft key 52 DID request 53 rANDOM 83 CWK 85 C 90 screen 91,281 random number storage unit 93 uSER _n 96 user table 101 and 103 HWK 106, 110 HF 127 T _EXP 134 built-in clock 141 security tag 142 data 151 PCA 152 DE 161 CPU 162 CLOCK 163 RAM 164 MASKROM 165 I / F 166 HDC 167 SVC 168 RDC 171 SPM 172 VCM 173 HEAD 174 PREAMP 181 INIT 182 CKSM 183 CMD 184 FRW 185 234, 255 DES 186, 242, 244 MAC 187 USR 188 AUT 189 DID 190 SEEK 191 READ 192 WRITE 193 OTHERS 201, 202 head 211 KM 212 IV 213 WK 221 IV register 222 224 DID2 register 2 DID2 register 2 DID2 register 2 226, 2 7, 233 Selector 228, 254 XOR 229 Sequence 230 MK1 register 231 MK2 register 232 MK3 register 235 WK1 register 236 WK2 register 237 WK3 register 241 Program code 243 Work key 251, 256 MAC register 252 Input register 253 Work key register 257 Comparator 261 , 271 Host fixed pattern register 262, 272 Host work key register 263 Random number R2 module 264, 274 Fixed pattern module 273, 292 Random number R1 module 275, 294 Activation signal 291 DES encryption module 293 DES decryption module 301 Standard time radio wave reception device 302 Battery 303 Clock IC 304, 305 Diode 311 User authentication unit 312 Sector address Replaced 313 sector authentication table 314 non security sectors 315 security sectors 316 system area 321 portable recording medium 322 server 323 database 324 memory

Claims (10)

[Claims] 1. A removable disk device used by connecting to an information processing device for receiving data from a distribution server, the disk medium means having non-rewritable identification information recorded thereon, and a request from the information processing device. Corresponding to the read means for reading the identification information from the disk medium means, the identification information is sent to the information processing apparatus, and the data received by the information processing apparatus from the distribution server using the identification information is read by the information processing apparatus. A removable disk device comprising: interface means for receiving from an information processing device; and write means for writing the data in the disk medium means. 2. A removable disk device used by being connected to an information processing device for reproducing data, comprising a disk medium unit in which non-rewritable identification information is recorded, and decoding using the identification information. Removable disk device comprising write means for writing data encrypted by the method to the disk medium means, and interface means for transmitting the identification information and the encrypted data to the information processing device. . 3. A removable disk device used by connecting to an information processing device, the disk medium device, a registration device for registering user identification information and an encryption key in association with each other, and a removable device received from the information processing device. By exchanging the authentication information with the information processing apparatus by using the encryption key corresponding to the user identification information, it is checked whether or not the information processing apparatus has the encryption key. And an access means for accessing the disk medium means in response to a request from the information processing device after the information processing device is authenticated. Characteristic removable disk device. 4. A removable disk device used by connecting to an information processing device for reproducing data, wherein the disk medium means, encrypted data and information indicating an expiration date of the data are stored in the disk medium means. Write means for writing, clock means for outputting the current time, comparing means for comparing the current time with the expiration date, and decrypting the encrypted data when the current time is within the expiration date A removable disk device comprising interface means for sending information necessary for the purpose to the information processing device. 5. A removable disk device used by being connected to an information processing device, the disk medium means, identification information of an owner of each sector of the disk medium means, and each sector for a user other than the owner. Setting means for setting information indicating access restriction to the sector, and when a user other than the owner of a sector attempts to access the sector using the information processing device, the sector is restricted to the sector within the access restriction range. A removable disk device comprising: access means for accessing. 6. An information processing device for reproducing data of a removable disk device, wherein authentication information generated by using software identification information of the information processing device is exchanged with the removable disk device to thereby remove the removable disk device. Check means for checking whether or not the disk device has the non-rewritable identification information corresponding to the software identification information; and when the removable disk device has the non-rewritable identification information, the removable disk An information processing apparatus comprising: an access unit for accessing data of the apparatus. 7. An information processing device for reproducing data of a removable disk device, wherein authentication information is exchanged with the removable disk device by using an encryption key corresponding to user identification information,
An authentication unit that checks whether or not the removable disk device has the encryption key, and authenticates the removable disk device if the removable disk device has the encryption key, and the removable disk device is authenticated. An information processing apparatus, further comprising: an access unit that accesses data in the removable disk device in response to a request from the user. 8. A program for an information processing device for reproducing data of a removable disk device, wherein authentication information generated by using software identification information of the program is exchanged with the removable disk device, It is checked whether or not the removable disk device has non-rewritable identification information corresponding to the software identification information, and when the removable disk device has the non-rewritable identification information, the removable disk device A program for causing the information processing apparatus to execute a process of accessing data. 9. A program for an information processing device for reproducing data of a removable disk device, comprising: exchanging authentication information with the removable disk device using an encryption key corresponding to user identification information,
Check whether or not the removable disk device has the encryption key, authenticate the removable disk device if the removable disk device has the encryption key, and after the removable disk device is authenticated, the A program for causing the information processing device to execute a process of accessing data in the removable disk device in response to a request from a user. 10. A data request can be received together with the identification information from an information processing device connected to a removable disk device in which the non-rewritable identification information is recorded, and the requested data can be decrypted using the identification information. A data distribution method characterized by encrypting by such a method and distributing the encrypted data to the information processing apparatus.